SecuriteInfo[.]com[.]W32[.]Kryptik[.]LCO[.]gen[.]Eldorado[.]15968[.]5155[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.W32.Kryptik.LCO.gen.Eldorado.15968.5155.dll
Size

2.1MB
MD5

7b79486dfe10061c056107be6eda4513
SHA1

3da90f0afe045005ad4b73a7cd41778a9b92bcc0
SHA256

d1e9b1b1606d76d0c96addf9ecb761096516e51deca0f77a689055f3ab093746
SHA512

083543a1e7aa699018102d0cb0eeb66d68e1d6ea0b6da624ac908e1294a55ed95dbae4b41ed88644bf4a7695bc03e0ebed673d74e728031feedbf07af635c923
SSDEEP

49152:lqrtRQlBC/aqeP66tpJxs+70Tvy7qRssRZ0dizKVkOYqtN:lqr/uBjPP66zzJ0b6qRsYZ0dizxOYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.W32.Kryptik.LCO.gen.Eldorado.15968.5155.dll

Files

SecuriteInfo.com.W32.Kryptik.LCO.gen.Eldorado.15968.5155.dll
.dll windows:5 windows x86 arch:x86

dbace4dd4777f65b3210ee4a74fe80cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SafeArrayCreate
GetRecordInfoFromGuids

setupapi

SetupDiEnumDeviceInfo

kernel32

QueryPerformanceCounter
GetComputerNameW
OutputDebugStringA
CloseHandle
LoadLibraryW
SetConsoleMode
DeleteCriticalSection
GetACP
LoadLibraryExW
GetModuleFileNameW
GetBinaryTypeW
WaitForSingleObjectEx
CreateEventA
SetStdHandle
RegisterWaitForSingleObjectEx
GetTickCount

rpcrt4

RpcMgmtIsServerListening

user32

GetDC
GetCapture
PtInRect
ShowWindow

gdi32

GdiFlush
SetROP2

shlwapi

StrChrA

ws2_32

WSAGetLastError

advapi32

DeleteService

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HgzPKqO
Size: 988KB - Virtual size: 986KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 696KB - Virtual size: 694KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5f
Size: 364KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbace4dd4777f65b3210ee4a74fe80cd

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

setupapi

kernel32

rpcrt4

user32

gdi32

shlwapi

ws2_32

advapi32

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 88KB - Virtual size: 91KB

HgzPKqO Size: 988KB - Virtual size: 986KB

.qdata Size: 696KB - Virtual size: 694KB

5f Size: 364KB - Virtual size: 361KB

.rsrc Size: 4KB - Virtual size: 912B

.reloc Size: 40KB - Virtual size: 38KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 88KB - Virtual size: 91KB

HgzPKqO
Size: 988KB - Virtual size: 986KB

.qdata
Size: 696KB - Virtual size: 694KB

5f
Size: 364KB - Virtual size: 361KB

.rsrc
Size: 4KB - Virtual size: 912B

.reloc
Size: 40KB - Virtual size: 38KB